Yorick Koster
46ec04dd15
Removed This PC ItemID & increased timeout in WaitForSingleObject
...
Remove the This PC ItemID to bypass (some) AV.
Timeout for WaitForSingleObject is set to 2,5s. After this timeout a
mutex is released allowed a new payload to be executed.
2017-08-02 15:47:22 -05:00
Yorick Koster
e6e94bad4b
Replace CreateEvent with CreateMutex/WaitForSingleObject
...
Time out is set to 1500 ms to prevent running the payload multiple times
2017-08-02 15:47:22 -05:00
Yorick Koster
e51e1d9638
Added new DLL templates to prevent crashing of Explorer
2017-08-02 15:47:21 -05:00
Brent Cook
6300758c46
use https for metaploit.com links
2017-07-24 06:26:21 -07:00
Pearce Barry
bc3b883758
Add docs, fix typo, add missing report mixin to avoid error.
2017-06-05 13:49:59 -05:00
L3cr0f
6a3fc618a4
Add bypassuac_injection_winsxs.rb module
2017-06-03 12:59:50 +02:00
Brent Cook
a01a2ead1a
Land #8467 , Samba CVE-2017-7494 Improvements
2017-05-30 00:15:03 -05:00
HD Moore
38491fd7ba
Rename payloads with os+libc, shrink array inits
2017-05-27 19:50:31 -05:00
HD Moore
b7b0c26f4a
Reduce minimum GLIBC versions where we can
2017-05-27 19:28:41 -05:00
HD Moore
184c8f50f1
Rework the Samba exploit & payload model to be magic.
2017-05-27 17:03:01 -05:00
William Webb
d4ba28a20b
Land #8457 , Update multi/fileformat/office_word_macro to allow custom templates
2017-05-26 15:09:23 -05:00
wchen-r7
ee13195760
Update office_word_macro exploit to support template injection
2017-05-25 15:53:45 -05:00
HD Moore
0520d7cf76
First crack at Samba CVE-2017-7494
2017-05-24 19:42:04 -05:00
HD Moore
afc804fa03
Quick Ghostscript module based on the public PoC
2017-04-28 09:56:52 -05:00
anhilo
f3d6a8c456
split PSModulePath in multi strings with ';'
...
1、allows the HTA window to be invisible
2017-04-26 11:01:59 +08:00
wchen-r7
5bbb4d755a
Land #8254 , Add CVE-2017-0199 - Office Word HTA Module
2017-04-24 16:05:00 -05:00
Brandon Knight
c724f0e05d
Handle multiple entries in PSModulePath
...
This commit handles the case where more than one entry exists in
the PSModulePath environment variable. The updated code will loop
through each entry in the PSModulePath checking for the presence of
powershell.exe. When one is encountered it will execute the payload
and exit the for loop.
2017-04-19 11:22:38 -04:00
nixawk
637098466c
Hidden black flash windows / Close HTA windows
2017-04-16 22:53:17 -05:00
nixawk
a9df917257
Fix rtf info author
2017-04-14 21:16:39 -05:00
nixawk
8c662562d3
add CVE-2017-0199 format
2017-04-14 13:22:32 -05:00
Koen Riepe
437d9b6f02
Fixed newline error in powershell script.
2017-04-05 12:38:38 +02:00
bwatters-r7
64c06a512e
Land #8020 , ntfs-3g local privilege escalation
2017-04-04 09:48:15 -05:00
h00die
e80b8cb373
move sploit.c out to data folder
2017-03-31 20:51:33 -04:00
Pearce Barry
c00b9ca1e5
Land #8175 , Get into the DANGER ZOOOOOOONE
2017-03-31 14:31:22 -05:00
HD Moore
b5771b0f72
Get into the DANGER ZOOOOOOONE
2017-03-31 12:26:42 -05:00
dmohanty-r7
1ce7bf3938
Land #8126 , Add SolarWind LEM Default SSH Pass/RCE
2017-03-31 11:21:32 -05:00
Mehmet Ince
e9f816272d
Adding solarwinds lem default ssh credentials to the wordlist
2017-03-24 13:24:05 +03:00
Jon P
4628dfe16b
Remove old banner + rubygems requirements
2017-03-13 17:36:21 +01:00
Jon P
c9a5190726
Patching "undefined method empty?" errors + "encoding error"
2017-03-13 17:32:56 +01:00
Jon P
e8257122b3
Creation of a sub-module for modules/auxiliary/crawler/msfcrawler
...
Catching links in comments
2017-03-13 17:18:39 +01:00
Koen Riepe
2fb42ff019
Fixed an issue in the powershell script
2017-03-07 13:56:18 +01:00
wchen-r7
6965a00b45
Resolve #8023 , Support backward compatibility for Office macro
...
Resolve #8023
2017-02-27 13:02:41 -06:00
Koen Riepe
0fa0fe3bf8
Added NTDSgrab module to metasploit.
2017-02-24 10:15:13 +01:00
William Webb
83cc28a091
Land #7972 , Microsoft Office Word Macro Generator OS X Edition
2017-02-21 13:26:42 -06:00
Brent Cook
2c570b6709
Land #7942 , Microsoft SQL Server Clr Stored Procedure Payload Execution
2017-02-17 17:28:54 -06:00
wchen-r7
3d269b46ad
Support OS X for Microsoft Office macro exploit
2017-02-16 12:28:11 -06:00
OJ
2d834a3f5a
Finalise module, and add supporting binaries
2017-02-10 12:56:40 +10:00
bwatters-r7
272d1845fa
Land #7934 , Add exploit module for OpenOffice with a malicious macro
2017-02-09 13:42:58 -06:00
wchen-r7
047a9b17cf
Completed version of openoffice_document_macro
2017-02-08 16:29:40 -06:00
wchen-r7
cefbee2df4
Add PoC for OpenOffice macro module
2017-02-07 10:12:23 -06:00
wchen-r7
ccaa783a31
Add Microsoft Office Word Macro exploit
2017-02-02 17:44:55 -06:00
William Webb
fb74b2d8f3
initial commit of finished product
2017-01-20 11:01:36 -06:00
bwatters_r7
4035dd7485
Land #7796 , Improve zip module windows script fallback
2017-01-17 10:59:04 -06:00
Brent Cook
24f7959805
add binary for futex_requeue
2017-01-11 13:25:30 -06:00
Brent Cook
2585c8c8b5
Land #7461 , convert futex_requeue (towelroot) module to use targetting and core_loadlib
2017-01-11 13:24:25 -06:00
Brent Cook
31f85b905a
add comments
2017-01-07 12:50:11 -06:00
Brent Cook
cdcf4cce7d
improve zip module windows script fallback
...
- handle non-English locales
- wait more reliably, handle network paths where FS info gets stale
- use absolute paths correctly
2017-01-07 12:27:03 -06:00
Brent Cook
2652f347fa
add module binary
2016-12-22 03:25:10 -06:00
Tim
e6d4c0001c
hide debug printing
2016-12-20 00:52:11 +08:00
Pearce Barry
1dae206fde
Land #7379 , Linux Kernel BPF Priv Esc (CVE-2016-4557)
2016-11-11 16:50:20 -06:00
scriptjunkie
268a72f210
Land #7193 Office DLL hijack module
2016-11-08 23:15:27 -06:00
Yorick Koster
3c1f642c7b
Moved PPSX to data/exploits folder
2016-11-08 16:04:46 +01:00
William Webb
31b593ac67
Land #7402 , Add Linux local privilege escalation via overlayfs
2016-11-01 12:46:40 -05:00
dmohanty-r7
d918e25bde
Land #7439 , Add Ghostscript support to ImageMagick Exploit
2016-10-28 17:07:13 -05:00
Pearce Barry
43fd0a8813
Land #7436 , Put Rex-exploitation Gem Back
2016-10-18 16:03:54 -05:00
h00die
0d1fe20ae5
revamped
2016-10-15 20:57:31 -04:00
Brent Cook
741c4b8916
updated android payload gem, removed unused extension jar
2016-10-14 09:59:06 -05:00
Brent Cook
9fbe1ddd9d
Land #7384 , CVE-2016-6415 - Cisco IKE Information Disclosure
2016-10-14 08:41:34 -05:00
William Vu
9b15899d91
Add PS template
2016-10-13 17:40:15 -05:00
William Vu
6f4f2bfa5f
Add PS target and remove MIFF
2016-10-13 17:39:55 -05:00
David Maloney
7894d5b2c1
Revert "Revert "use the new rex-exploitation gem""
...
This reverts commit f3166070ba
.
2016-10-11 17:40:43 -05:00
Pearce Barry
d1a11f46e8
Land #7418 , Linux recvmmsg Priv Esc (CVE-2014-0038)
2016-10-09 18:37:52 -05:00
h00die
2dfebe586e
working cve-2014-0038
2016-10-08 23:58:09 -04:00
Brent Cook
f3166070ba
Revert "use the new rex-exploitation gem"
...
This reverts commit 52f6265d2e
.
2016-10-08 21:55:16 -05:00
William Vu
3b3185069f
Land #7408 , Mirai botnet wordlists
2016-10-06 10:07:20 -05:00
Tonimir Kisasondi
83548a0dde
added mirai user/pass to unhash set
2016-10-05 22:24:11 +02:00
Tonimir Kisasondi
7ce73be936
Add linux.mirai wordlists
2016-10-05 17:57:08 +02:00
David Maloney
52f6265d2e
use the new rex-exploitation gem
...
use the new rex-exploitation gem instead of the packaged in lbirary code
cleans up a huge ammount of space in framework
MS-1709
2016-10-05 09:05:27 -05:00
h00die
27cf5c65c4
working module
2016-10-04 23:21:53 -04:00
David Maloney
af4f3e7a0d
use templates from the gem for psh
...
use the templates now contained within the magical
gem of rex-powershell
7309
MS-2106
2016-10-04 14:14:25 -05:00
mach-0
dcc77fda5b
Add back accidentally-deleted nasm comment.
2016-10-03 23:47:13 -05:00
mach-0
eff85e4118
Just remove DT_HASH.
2016-10-03 23:43:19 -05:00
mach-0
8828060886
Fix linux x64 elf-so template.
...
Previously the elf-so would crash when loaded with LD_PRELOAD,
due to not enough room for the symbol table.
2016-10-03 23:24:31 -05:00
nixawk
7368b995f2
CVE-2016-6415 Cisco - sendpacket.raw
2016-09-29 22:24:55 -05:00
h00die
c036c258a9
cve-2016-4557
2016-09-29 05:23:12 -04:00
OJ
0e82ced082
Add LPE exploit module for the capcom driver flaw
...
This commit includes:
* RDI binary that abuses the SMEP bypass and userland function pointer
invocation that is provided by the driver.
* Related metasploit module.
* Associated make.build to build from command line.
* Updated command line build file.
This also includes the beginnings of a new set of functions that help
with the management/automation of kernel-related work on Windows for
local priv esc exploits.
2016-09-27 22:37:45 +10:00
Pearce Barry
6382fffc75
Land #7326 , Linux Kernel Netfilter Privesc
2016-09-26 12:38:50 -05:00
h00die
23e5556a4c
binary drops work!
2016-09-24 21:31:00 -04:00
Joshua J. Drake
dbf66f27d5
Add a browser-based exploit module for CVE-2015-3864
2016-09-23 11:14:31 -05:00
Adam Muntner
726079c6e7
diffed with fuzzdb
...
https://github.com/fuzzdb-project/fuzzdb/blob/master/discovery/predictable-filepaths/webservers-appservers/SAP.txt
2016-09-21 00:20:46 -04:00
dmohanty-r7
4c4f2e45d6
Land #7283 , add jsp payload generator
2016-09-16 14:37:59 -05:00
Tim
6cb331e74d
Land 7281, add vagrant default password to wordlist
2016-09-07 13:01:01 +01:00
Tim
96f81b4817
add root:vagrant to root_userpass
2016-09-07 12:59:12 +01:00
Christian Mehlmauer
c6012e7947
add jsp payload generator
2016-09-06 22:17:21 +02:00
Pearce Barry
9d5a276e91
Fix recent metasploit-framework.gemspec conflict.
2016-09-06 13:10:28 -05:00
wchen-r7
23a5d737fc
Add password "vagrant" to wordlists
...
The password "vagrant" is often used in Metasploitable3.
2016-09-06 12:36:02 -05:00
Brendan
83160b7e49
Land #7173 , Add post module to compress (zip) a file or directory
2016-08-24 09:38:04 -05:00
wchen-r7
e154aafaaa
On Error Resume Next for zip.vbs
2016-08-17 17:08:38 -05:00
David Maloney
8bece28d00
remove *scan bins as well
...
all *scan bins need to be removed as the rex-bin_tools
gem will now handle these and put them in PATH
MS-1691
2016-08-15 14:04:00 -05:00
wchen-r7
8f7d0eae0c
Fix #7155 - Add post module to compress (zip) a file or directory
...
Fix #7155
2016-08-02 14:44:58 -05:00
William Webb
21e6211e8d
add exploit for cve-2016-0189
2016-08-01 13:26:35 -05:00
Brent Cook
d1f65b27b8
Land #7151 , Improve CVE-2016-0099 reliability
2016-07-29 09:22:11 -05:00
Brendan
ee40c9d809
Land #6625 , Send base64ed shellcode and decode with certutil (Actually MSXML)
2016-07-28 13:01:05 -07:00
wchen-r7
322fc11225
Fix whitespace
2016-07-27 12:37:14 -05:00
wchen-r7
dbe31766af
Update CVE-2016-0099 Powershell
2016-07-27 12:35:43 -05:00
Brent Cook
b08d1ad8d8
Revert "Land #6812 , remove broken OSVDB references"
...
This reverts commit 2b016e0216
, reversing
changes made to 7b1d9596c7
.
2016-07-15 12:00:31 -05:00
wchen-r7
8f928c6ca1
Land #7006 , Add MS16-032 Local Priv Esc Exploit
2016-07-12 15:22:35 -05:00
wchen-r7
621f3fa5a9
Change naming style
2016-07-12 15:18:18 -05:00
Brent Cook
2b016e0216
Land #6812 , remove broken OSVDB references
2016-07-11 22:59:11 -05:00
William Webb
b4b3a84fa5
refactor ms16-016 code
2016-07-05 20:50:43 -05:00
khr0x40sh
df1a9bee13
Move ps1, Use Env var, Fix license, New Cleanup
...
MS16-032 ps1 moved to external file. This ps1 will now detect windir
to find cmd.exe. The module now also detects windir to find
powershell.exe. The license is now BSD_LICENSE, and the required
copyright has been moved to the ps1. The previous optional cleanup stage
is now standard. The optional 'W_PATH' assignment is corrected to
select the user's variable unless 'W_PATH' is nil.
2016-06-22 09:25:48 -04:00
Brent Cook
ba72d3fd92
Land #6988 , Update banners to metasploit.com, not .pro
2016-06-17 15:29:30 -05:00
h00die
cd207df6b8
adding karaf to unix lists per 4358
2016-06-15 20:31:48 -04:00
Tod Beardsley
fe4cfd7e3e
Update banners to metasploit.com, not .pro
2016-06-14 15:11:04 -05:00
wwebb-r7
ab27c1b701
Merge pull request #6940 from samvartaka/master
...
Exploit for previously unknown stack buffer overflow in Poison Ivy versions 2.1.x (possibly present in older versions too)
2016-06-08 11:25:51 -05:00
samvartaka
5260031991
Modifications based on suggestions by @wchen-r7
2016-06-08 01:17:15 +02:00
William Vu
9128ba3e57
Add popen() vuln to ImageMagick exploit
...
So... we've actually been sitting on this vuln for a while now. Now that
the cat's out of the bag [1], I'm updating the module. :)
Thanks to @hdm for his sharp eye. ;x
[1] http://permalink.gmane.org/gmane.comp.security.oss.general/19669
2016-06-02 11:35:37 -05:00
Brent Cook
7b024d1a72
Land #6914 , add siem to the namelist
2016-05-24 14:22:44 -05:00
x90" * 365
9d545b0a05
Update namelist.txt
2016-05-24 13:00:59 -04:00
William Vu
2bac46097f
Remove url() for MVG
...
Technically unnecessary here.
2016-05-05 14:18:42 -05:00
William Vu
334c432901
Force https://localhost for SVG and MVG
...
https: is all that's needed to trigger the bug, but we don't want wget
and curl to gripe. localhost should be a safe host to request.
2016-05-05 14:18:42 -05:00
William Vu
decd770a0b
Encode the entire SVG string
...
Because why not? Not like people care about what's around the command.
2016-05-05 14:18:42 -05:00
William Vu
232cc114de
Change placeholder text to something useful
...
A la Shellshock. :)
2016-05-05 14:18:42 -05:00
William Vu
5c04db7a09
Add ImageMagick exploit
2016-05-05 14:18:42 -05:00
wchen-r7
71c8ad555e
Resolve #6839 , Make Knowledge Base as default
...
Resolve #6839
2016-05-02 14:12:09 -05:00
wchen-r7
d80d2bb8d3
Land #6825 , Fixed borders on code boxes
2016-04-27 11:59:52 -07:00
wchen-r7
816bc91e45
Resolve #6807 , remove all OSVDB references.
...
OSVDB is no longer a vulnerability database, therefore all the
references linked to it are invalid.
Resolve #6807
2016-04-23 12:32:34 -05:00
Brent Cook
57ab974737
File.exists? must die
2016-04-21 00:47:07 -04:00
wchen-r7
22831695dd
Land #6721 , Add additional SOLMAN default creds
2016-03-30 10:48:53 -05:00
Meatballs
4f84c5a3b7
Add additional SOLMAN default creds
2016-03-29 15:53:15 +01:00
f7b053223a9e
629bc00696
Use MSXML decoder instead
2016-03-25 22:52:16 +09:00
wchen-r7
57984706b8
Resolve merge conflict with Gemfile
2016-03-24 18:13:31 -05:00
wchen-r7
76c6f8c19d
Move module_doc_template
2016-03-24 17:07:19 -05:00
l0gan
e29fc5987f
Add missing stream.raw for hp_sitescope_dns_tool
...
This adds the missing stream.raw.
2016-03-15 11:06:06 -05:00
wchen-r7
d6742c4097
Change <hr> color
2016-03-10 10:44:18 -06:00
wchen-r7
ad0a948ae7
Update module_doc_template
2016-03-08 12:21:20 -06:00
wchen-r7
58b8c35146
Escape HTML for KB and update rspec
2016-03-08 10:10:10 -06:00
wchen-r7
027315eeaa
Update post_demo_template
2016-03-05 20:33:40 -06:00
wchen-r7
03eb568af7
Add --- to make sections to stand out more
2016-03-05 15:17:19 -06:00
wchen-r7
f4866fd5f0
Update template and web_delivery doc
2016-03-03 01:27:14 -06:00
wchen-r7
cececa749d
Update css
2016-03-03 00:58:17 -06:00
wchen-r7
11964c5c1a
Add remote exploit demo and web_delivery doc
2016-03-02 19:52:11 -06:00
f7b053223a9e
19bd7b98f4
Fix minor indenting issue
2016-03-01 11:50:56 +09:00
f7b053223a9e
c8c5549b19
Send base64ed shellcode and decode with certutil
2016-03-01 10:48:25 +09:00
wchen-r7
fd8e3e719d
real demo
2016-02-26 14:43:53 -06:00
wchen-r7
ed0dfa5725
basic usage
2016-02-26 14:35:07 -06:00
wchen-r7
250ce6fb17
lets be clear
2016-02-26 14:30:12 -06:00
wchen-r7
1c53e53d23
More info about how to write the doc
2016-02-26 14:24:24 -06:00
wchen-r7
e40f1e69db
Update default template
2016-02-26 14:18:24 -06:00
wchen-r7
6060c7b09b
We make this pretty
2016-02-26 14:15:54 -06:00
wchen-r7
95a9f42996
Add a template for future module documentation
2016-02-24 19:28:17 -06:00
wchen-r7
24530e2734
Scrollable list, tab name change, print_status
2016-02-19 20:46:39 -06:00
wchen-r7
34d10d7829
Should be fullname
2016-02-19 00:13:55 -06:00
wchen-r7
7444a0ff04
Make it more obvious which tab the user is viewing
2016-02-18 17:59:45 -06:00
wchen-r7
4fc7008561
Close div properly
2016-02-18 16:12:27 -06:00
wchen-r7
56c2ba9f75
Turn the HTML template into external
2016-02-18 15:41:14 -06:00
wchen-r7
e5ad6fa781
Support "knowledge base"
2016-02-18 15:02:24 -06:00
wchen-r7
f8d6a59cdc
Change wording
2016-02-18 12:19:25 -06:00
wchen-r7
089d6985b6
Add more demo templates
2016-02-18 00:17:32 -06:00
wchen-r7
1bfe1ad140
More demos
2016-02-17 19:04:06 -06:00
wchen-r7
76f2c917ee
Allow no GITHUB_OAUTH_TOKEN, and gsub for demo
2016-02-17 15:38:30 -06:00
wchen-r7
714106174e
Do external erb template
2016-02-17 14:27:29 -06:00
wchen-r7
b0cfb4aacf
Add info -d to show module documentation in .md
2016-02-16 22:44:03 -06:00
Jay Turla
aeb1d80e0d
Adding top 100 adobe passwords
2016-02-11 08:55:45 +08:00
Bigendian Smalls
b3e8bd1dab
Updated zsploit screens to use std msf colors
...
Using Rex::Ui::Text::Colors now instead of ansi codes
Thanks to @mainframed for the quick turnaround
2016-02-09 12:01:25 -06:00
Bigendian Smalls
90e37ea749
Added three cool new mainframe themed screens
...
Thanks to *Solider of Fortran* @mainframed for his amazing original artwork!
These set of 3 limited edition, original, one-of-a-kind screens will modernize
your msf installation to the 1960s and beyond. No seriously they are super cool
and now that metasploit-framework supports System Z - it seemed only fitting.
2016-01-20 06:10:51 -06:00
Brent Cook
7f9b804060
Land #6410 , remove JtR binaries, update for independent framework releases
2016-01-06 14:16:49 -06:00
Chris Doughty
97ae09729c
Add john.conf to data dir as referenced by: lib/metasploit/framework/jtr/cracker.rb
2016-01-06 13:00:05 -06:00
Chris Doughty
ae57bce262
Adding wordlists back to path
2016-01-06 12:54:25 -06:00
JT
bf764deefb
Add SCADA Default UserPass List
...
This list was based on SCADAPASS: https://github.com/scadastrangelove/SCADAPASS
2016-01-06 12:25:29 +08:00
William Vu
be340774ea
Land #6432 , Piata SSH scanner wordlist
2016-01-05 10:15:17 -06:00
JT
66e2d945d8
Add more SAP ICM paths
2016-01-05 13:05:46 +08:00
JT
913e8ec525
Update piata_ssh_userpass.txt
2016-01-05 11:28:54 +08:00
JT
713828d0b6
Add piata wordlist
...
Add user and pass wordlist from Piata Mass SSH scanner
2016-01-05 11:27:04 +08:00
Chris Doughty
8090bbc750
Changes to support framework as a gem
2015-12-30 11:00:45 -06:00
wchen-r7
5f5b3ec6a1
Add MS15-134 Microsoft Windows Media Center MCL Information Disclosure
...
CVE-2015-6127
2015-12-17 22:41:58 -06:00
dmohanty-r7
eb4611642d
Add Jenkins CLI Java serialization exploit module
...
CVE-2015-8103
2015-12-11 14:57:10 -06:00
Brent Cook
c301c7c7b0
use wav with sounds plugin for windows / linux compat
2015-12-08 16:20:44 -06:00
wchen-r7
d44224142e
Update audio files
2015-11-25 23:41:18 -06:00
wchen-r7
776455d10a
Add another sound and event
...
Add sound: "We've got a shell"
Add event on_session_fail
2015-11-25 22:46:51 -06:00
wchen-r7
af8c557fa9
Add the MP3s
2015-11-25 18:09:27 -06:00
wchen-r7
fa32f43ee4
Muts says "Try harder!" or "Excellent" for the sounds plugin
...
With the sounds plugin, muts will say "excellent!" when a session
is received. If a session is terminated (either exited or lost),
muts will say "try harder!"
2015-11-25 18:06:58 -06:00
scriptjunkie
8703987535
Add HTTPS and new transport support for hop
2015-11-11 21:25:23 -06:00
Louis Sato
9c347fbaae
Land #6195 , remove ff buildid from os.js
2015-11-05 15:01:15 -06:00
William Vu
2f65405a4e
Fix missing brace and indent level
2015-11-05 14:30:26 -06:00
James Lee
1f73bbe7ca
Remove obsolete files in data/gui/
2015-11-02 10:44:47 -06:00
scriptjunkie
d90f87449a
Fix merge
2015-09-22 16:55:01 -05:00
scriptjunkie
7d2a2a8b64
Fix issues with using hop for new core
2015-09-22 16:54:02 -05:00
Mo Sadek
48b06a2cd9
Fixed no detection error
2015-09-18 10:48:24 -05:00
Mo Sadek
858d3f5a55
Closes #3936 , Remove Firefox buildid from os.js
2015-09-16 16:04:22 -05:00
wchen-r7
c7afe4f663
Land #5930 , MS15-078 (atmfd.dll buffer overflow)
2015-09-16 15:33:38 -05:00
jvazquez-r7
9626596f85
Clean template code
2015-09-12 13:43:05 -05:00
jvazquez-r7
53f995b9c3
Do first prototype
2015-09-10 19:35:26 -05:00
jvazquez-r7
30cb93b4df
Land #5940 , @hmoore-r7's fixes for busybox post modules
2015-09-08 15:12:23 -05:00
wchen-r7
122d57fc20
Land #5945 , Add auto-accept to osx/enum_keychain
2015-09-08 10:56:08 -05:00
joev
1b320bae6a
Add auto-accept to osx/enum_keychain.
2015-09-07 21:17:49 -05:00
HD Moore
091c4d5214
Expand and reorder
2015-09-05 22:51:32 -05:00
HD Moore
76d74576db
Remove FTP-only default credentials
2015-09-05 22:39:51 -05:00
HD Moore
21b69b9430
Remove HP MPE/iX password defaults
2015-09-05 22:38:30 -05:00
jvazquez-r7
eaf51a2113
Land #5722 , @vallejocc's busybox work
2015-09-04 13:36:44 -05:00
jvazquez-r7
b39575928e
Update reflective exploit
2015-09-03 11:01:41 -05:00
jvazquez-r7
b912e3ce65
Add exploit template
2015-09-02 17:28:35 -05:00
HD Moore
4090c2c8ea
Land #5880 , adds ScriptHost UAC bypass for Win7/2008
2015-09-02 14:14:18 -05:00
James Lee
1b778d0650
Land #5898 , use gem version of php & python meterp
2015-08-31 16:16:36 -05:00
Brent Cook
30830ad9e5
Land #5262 , fix webcam_chat and tidy adjacent code
2015-08-31 14:21:24 -05:00
Brent Cook
a51d3df753
typo
2015-08-31 14:18:55 -05:00
wchen-r7
9364982467
Land #5665 , Add osx rootpipe entitlements exploit for 10.10.3
2015-08-28 13:33:16 -05:00
wchen-r7
11db9c2112
Land #5896 , Update ms15_004_tswbproxy to use a Reflective DLL
2015-08-27 17:11:26 -05:00
Brent Cook
593f501571
finish move of php / python meterpreters to metasploit-payloads
2015-08-27 11:34:22 -05:00
HD Moore
a2d5511e39
Land #5379 , new post modules to load into powershell sessions
2015-08-26 17:11:40 -05:00